How To Migrate Google Authenticator To A New iPhone

Feb 03, 2017

Instructions on how to move Google Authenticator to a new iPhone so you don't lose access to accounts with two-factor authentication enabled.

The Google Authenticator app is a great way to take advantage of the security two-factor authentication provides. It adds additional security to your online accounts in the form of an additional security "factor". So in addition to the typical password (the first factor, something you know) the app, introduces a second factor: something you have, in the form of the mobile device on which the app is installed.

It's important to understand that it's the mobile device, in this case the iPhone, that is the additional security factor. And if it was easy to switch authentication power from one iPhone to another the whole thing would be less secure.

There Is No Easy Way To Move Google Authenticator To A New iPhone

This is the bad news. Whatever accounts you have set up in Authenticator on one iPhone will not automatically be transferred to another when you do the initial setup. The Authenticator app will be installed during the migration process, but not the accounts, and that is what really matters.

And there is no easy to migrate all of the Authenticator accounts to your new iPhone en masse. If you search you will see hints that it might be possible, but if you follow down through all of the comments you'll ultimately see that it just can't be done with iOS.

Moving Google Authenticator Apps To Your New iPhone

You're going to have to set up two-factor authentication on the new device one account at a time. This will require access to your old iPhone, so hopefully you still have it.

Generally the easiest approach is to go to the account n your laptop and login. Because you have two factor authentication enables you will need access to the authenticator codes from your old phone. Enter it to get full access to the account.

From there you have to enable the new device. This generally involves turning off or disabling two-factor authentication, then turning it back on. The website should then prompt you to scan a new bar code into your new iPhone.

Remember: Multi-Factor Authentication Does Not Make Weak Passwords OK

In some cases you may find that an account has ceased support for Authenticator. Going through all of my old accounts I noticed that several, for which I had previously enabled two-factor authentication, no longer required it. In some cases they had switched to different approaches to multi-factor authentication (like SMS text message to an authorized mobile number) or a proprietary app (in the case of Microsoft).

This is alarming. You may be assuming the protection of multi-factor authentication which is no longer in place.

And this is a good reminder that weak passwords are never OK! Maybe you you used a weak password thinking that it didn't matter, that you were protected by multi-factor authentication. Great, except that protection is no longer there!

As you are going through these accounts setting up Authenticator on your new device make sure that you are using strong passwords!

Prepare In Advance

If you don't have access to your phone. It's going to be really hard. And it should be.... by setting up the Authenticator app you basically said "don't give access to anyone that does not have possession of this device", and if you don't have it you're going to be out of luck.

If you're migrating to a new iPhone hopefully you are following the best practice of migrating to the new device, then trying to open each and every app to make sure everything works as it should. If you do that you'll be able to follow the steps above for moving your Authenticator accounts.

But access to an old phone can't always be assumed. Maybe you traded the old one in. Maybe it was lost, stolen, or destroyed.

Be ready for the worst. As you go through the process described above look at all your recovery options and enable as many as possible. The sites that offer multi-factor authentication generally seem to understand the increased risk of locking yourself out and offer you more ways back in. Take full advantage of all of them.

For example some sites let you add a second email address and/or telephone number for retrieving recovery codes. Some provide recovery codes – copy these and store them in your password manager.